Certutil Tests |
Test Case | Result |
Creating CA Cert DB | Passed |
Creating CA Cert TestCA | Passed |
Exporting Root Cert | Passed |
Creating CA Cert DB | Passed |
Creating CA Cert serverCA | Passed |
Exporting Root Cert | Passed |
Creating CA Cert chain-1-serverCA | Passed |
Exporting Root Cert | Passed |
Creating CA Cert chain-2-serverCA | Passed |
Exporting Root Cert | Passed |
Creating CA Cert DB | Passed |
Creating CA Cert clientCA | Passed |
Exporting Root Cert | Passed |
Creating CA Cert chain-1-clientCA | Passed |
Exporting Root Cert | Passed |
Creating CA Cert chain-2-clientCA | Passed |
Exporting Root Cert | Passed |
Initializing charm.red.iplanet.com's Cert DB (ext.) | Passed |
Generate Cert Request for charm.red.iplanet.com (ext) | Passed |
Sign charm.red.iplanet.com's Request (ext) | Passed |
Import charm.red.iplanet.com's Cert -t u,u,u (ext) | Passed |
Import Client Root CA -t T,, for charm.red.iplanet.com (ext.) | Passed |
Import serverCA CA -t C,C,C for charm.red.iplanet.com (ext.) (255) | Failed |
Import chain-1-serverCA CA -t u,u,u for charm.red.iplanet.com (ext.) (255) | Failed |
Import chain-2-serverCA CA -t u,u,u for charm.red.iplanet.com (ext.) | Passed |
Initializing ExtendedSSLUser's Cert DB (ext.) | Passed |
Generate Cert Request for ExtendedSSLUser (ext) | Passed |
Sign ExtendedSSLUser's Request (ext) | Passed |
Import ExtendedSSLUser's Cert -t u,u,u (ext) | Passed |
Import Server Root CA -t C,C,C for ExtendedSSLUser (ext.) (255) | Failed |
Import clientCA CA -t T,C,C for ExtendedSSLUser (ext.) | Passed |
Import chain-1-clientCA CA -t u,u,u for ExtendedSSLUser (ext.) | Passed |
Import chain-2-clientCA CA -t u,u,u for ExtendedSSLUser (ext.) | Passed |
Initializing TestUser's Cert DB | Passed |
Import Root CA for TestUser | Passed |
Generate Cert Request for TestUser | Passed |
Sign TestUser's Request | Passed |
Import TestUser's Cert | Passed |
Initializing charm.red.iplanet.com's Cert DB | Passed |
Import Root CA for charm.red.iplanet.com | Passed |
Generate Cert Request for charm.red.iplanet.com | Passed |
Sign charm.red.iplanet.com's Request | Passed |
Import charm.red.iplanet.com's Cert | Passed |
Import charm.red.iplanet.com's Cert | Passed |
Initializing Alice's Cert DB | Passed |
Import Root CA for Alice | Passed |
Generate Cert Request for Alice | Passed |
Sign Alice's Request | Passed |
Import Alice's Cert | Passed |
Initializing Bob's Cert DB | Passed |
Import Root CA for Bob | Passed |
Generate Cert Request for Bob | Passed |
Sign Bob's Request | Passed |
Import Bob's Cert | Passed |
Initializing Dave's Cert DB | Passed |
Import Root CA for Dave | Passed |
Generate Cert Request for Dave | Passed |
Sign Dave's Request | Passed |
Import Dave's Cert | Passed |
Import Alices's cert into Bob's db | Passed |
Import Bob's cert into Alice's db | Passed |
Import Dave's cert into Alice's DB | Passed |
Import Dave's cert into Bob's DB | Passed |
Initializing FIPS PUB 140-1 Test Certificate's Cert DB | Passed |
Enable FIPS mode on database for FIPS PUB 140-1 Test Certificate | Passed |
Generate Certificate for FIPS PUB 140-1 Test Certificate | Passed |
SSL Cipher Coverage |
Test Case | Result |
SSL2 RC4 128 WITH MD5 | Passed |
SSL2 RC4 128 EXPORT40 WITH MD5 | Passed |
SSL2 RC2 128 CBC WITH MD5 | Passed |
SSL2 RC2 128 CBC EXPORT40 WITH MD5 | Passed |
SSL2 DES 64 CBC WITH MD5 | Passed |
SSL2 DES 192 EDE3 CBC WITH MD5 | Passed |
SSL3 RSA WITH RC4 128 MD5 | Passed |
SSL3 RSA WITH 3DES EDE CBC SHA | Passed |
SSL3 RSA WITH DES CBC SHA | Passed |
SSL3 RSA EXPORT WITH RC4 40 MD5 | Passed |
SSL3 RSA EXPORT WITH RC2 CBC 40 MD5 | Passed |
SSL3 RSA WITH NULL MD5 | Passed |
SSL3 RSA FIPS WITH 3DES EDE CBC SHA | Passed |
SSL3 RSA FIPS WITH DES CBC SHA | Passed |
SSL3 RSA EXPORT WITH DES CBC SHA (new) | Passed |
SSL3 RSA EXPORT WITH RC4 56 SHA (new) | Passed |
SSL3 RSA WITH RC4 128 SHA | Passed |
SSL3 RSA WITH AES 128 CBC SHA | Passed |
SSL3 RSA WITH AES 256 CBC SHA | Passed |
SSL3 RSA WITH NULL SHA | Passed |
TLS RSA WITH RC4 128 MD5 | Passed |
TLS RSA WITH 3DES EDE CBC SHA | Passed |
TLS RSA WITH DES CBC SHA | Passed |
TLS RSA EXPORT WITH RC4 40 MD5 | Passed |
TLS RSA EXPORT WITH RC2 CBC 40 MD5 | Passed |
TLS RSA WITH NULL MD5 | Passed |
TLS RSA FIPS WITH 3DES EDE CBC SHA | Passed |
TLS RSA FIPS WITH DES CBC SHA | Passed |
TLS RSA EXPORT WITH DES CBC SHA (new) | Passed |
TLS RSA EXPORT WITH RC4 56 SHA (new) | Passed |
TLS RSA WITH RC4 128 SHA | Passed |
TLS RSA WITH AES 128 CBC SHA | Passed |
TLS RSA WITH AES 256 CBC SHA | Passed |
TLS RSA WITH NULL SHA | Passed |
SSL Client Authentication |
Test Case | Result |
TLS Request don't require client auth (client does not provide auth) | Passed |
TLS Request don't require client auth (bad password) | Passed |
TLS Request don't require client auth (client auth) | Passed |
TLS Require client auth (client does not provide auth) | Passed |
TLS Require client auth (bad password) | Passed |
TLS Require client auth (client auth) | Passed |
SSL3 Request don't require client auth (client does not provide auth) | Passed |
SSL3 Request don't require client auth (bad password) | Passed |
SSL3 Request don't require client auth (client auth) | Passed |
SSL3 Require client auth (client does not provide auth) | Passed |
SSL3 Require client auth (bad password) | Passed |
SSL3 Require client auth (client auth) | Passed |
TLS Request don't require client auth on 2nd hs (client does not provide auth) | Passed |
TLS Request don't require client auth on 2nd hs (bad password) | Passed |
TLS Request don't require client auth on 2nd hs (client auth) | Passed |
TLS Require client auth on 2nd hs (client does not provide auth) | Passed |
TLS Require client auth on 2nd hs (bad password) | Passed |
TLS Require client auth on 2nd hs (client auth) | Passed |
SSL3 Request don't require client auth on 2nd hs (client does not provide auth) | Passed |
SSL3 Request don't require client auth on 2nd hs (bad password) | Passed |
SSL3 Request don't require client auth on 2nd hs (client auth) | Passed |
SSL3 Require client auth on 2nd hs (client does not provide auth) | Passed |
SSL3 Require client auth on 2nd hs (bad password) | Passed |
SSL3 Require client auth on 2nd hs (client auth) | Passed |
SSL Cipher Coverage Extended test |
Test Case | Result |
SSL3 RSA WITH RC4 128 MD5 | Failed |
SSL3 RSA WITH 3DES EDE CBC SHA | Failed |
SSL3 RSA WITH DES CBC SHA | Failed |
SSL3 RSA EXPORT WITH RC4 40 MD5 | Failed |
SSL3 RSA EXPORT WITH RC2 CBC 40 MD5 | Failed |
SSL3 RSA WITH NULL MD5 | Failed |
SSL3 RSA FIPS WITH 3DES EDE CBC SHA | Failed |
SSL3 RSA FIPS WITH DES CBC SHA | Failed |
SSL3 RSA EXPORT WITH DES CBC SHA (new) | Failed |
SSL3 RSA EXPORT WITH RC4 56 SHA (new) | Failed |
SSL3 RSA WITH RC4 128 SHA | Failed |
SSL3 RSA WITH AES 128 CBC SHA | Failed |
SSL3 RSA WITH AES 256 CBC SHA | Failed |
SSL3 RSA WITH NULL SHA | Failed |
TLS RSA WITH RC4 128 MD5 | Failed |
TLS RSA WITH 3DES EDE CBC SHA | Failed |
TLS RSA WITH DES CBC SHA | Failed |
TLS RSA EXPORT WITH RC4 40 MD5 | Failed |
TLS RSA EXPORT WITH RC2 CBC 40 MD5 | Failed |
TLS RSA WITH NULL MD5 | Failed |
TLS RSA FIPS WITH 3DES EDE CBC SHA | Failed |
TLS RSA FIPS WITH DES CBC SHA | Failed |
TLS RSA EXPORT WITH DES CBC SHA (new) | Failed |
TLS RSA EXPORT WITH RC4 56 SHA (new) | Failed |
TLS RSA WITH RC4 128 SHA | Failed |
TLS RSA WITH AES 128 CBC SHA | Failed |
TLS RSA WITH AES 256 CBC SHA | Failed |
TLS RSA WITH NULL SHA | Failed |
SSL Client Authentication Extended test |
Test Case | Result |
TLS Request don't require client auth (client does not provide auth) | Failed |
TLS Request don't require client auth (bad password) | Failed |
TLS Request don't require client auth (client auth) | Failed |
TLS Require client auth (client does not provide auth) | Failed |
TLS Require client auth (bad password) | Passed |
TLS Require client auth (client auth) | Failed |
SSL3 Request don't require client auth (client does not provide auth) | Failed |
SSL3 Request don't require client auth (bad password) | Failed |
SSL3 Request don't require client auth (client auth) | Failed |
SSL3 Require client auth (client does not provide auth) | Failed |
SSL3 Require client auth (bad password) | Passed |
SSL3 Require client auth (client auth) | Failed |
TLS Request don't require client auth on 2nd hs (client does not provide auth) | Failed |
TLS Request don't require client auth on 2nd hs (bad password) | Failed |
TLS Request don't require client auth on 2nd hs (client auth) | Failed |
TLS Require client auth on 2nd hs (client does not provide auth) | Failed |
TLS Require client auth on 2nd hs (bad password) | Failed |
TLS Require client auth on 2nd hs (client auth) | Failed |
SSL3 Request don't require client auth on 2nd hs (client does not provide auth) | Failed |
SSL3 Request don't require client auth on 2nd hs (bad password) | Failed |
SSL3 Request don't require client auth on 2nd hs (client auth) | Failed |
SSL3 Require client auth on 2nd hs (client does not provide auth) | Failed |
SSL3 Require client auth on 2nd hs (bad password) | Failed |
SSL3 Require client auth on 2nd hs (client auth) | Failed |
FIPS 140-1 Compliance Tests |
Test Case | Result |
List the FIPS module certificates (certutil -L) | Passed |
List the FIPS module keys (certutil -K) | Passed |
Attempt to list FIPS module keys with incorrect password (certutil -K) | Passed |
Validate the certificate (certutil -V -e) | Passed |
Export the certificate and key as a PKCS#12 file (pk12util -o) | Passed |
Export the certificate as a DER (certutil -L -r) | Passed |
List the FIPS module certificates (certutil -L) | Passed |
Delete the certificate and key from the FIPS module (certutil -D) | Passed |
List the FIPS module certificates (certutil -L) | Passed |
List the FIPS module keys (certutil -K) | Passed |
Import the certificate and key from the PKCS#12 file (pk12util -i) | Passed |
List the FIPS module certificates (certutil -L) | Passed |
List the FIPS module keys (certutil -K) | Passed |
CERT and Key DB Tests |
Test Case | Result |
Certutil failed in a nonexisting dir 255 | Passed |
Dbtest readonly failed in a nonexisting dir 46 | Passed |
Dbtest force succeeded in a nonexisting dir 0 | Passed |
Tstclnt failed in an empty dir 1 | Passed |
Dbtest readonly failed in an empty dir 46 | Passed |
Certutil failed in an empty dir 255 | Passed |
Dbtest force readonly succeeded in an empty dir 0 | Passed |
Dbtest r/w failed in an readonly dir 46 | Passed |
Certutil failed in an readonly dir 255 | Passed |
Dbtest readonly succeeded in a readonly dir 0 | Passed |
Dbtest force succeeded in a readonly dir 0 | Passed |